[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DSO-style FFI

From: Davis Herring
Subject: Re: DSO-style FFI
Date: Wed, 09 Oct 2013 17:52:36 -0600
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20110717 Lanikai/3.1.11

> That's pretty dangerous, isn't it?  Any memory corruption, intentional
> or not, could affect the user significantly.  Is that an acceptable risk?

Intentional memory corruption is entirely beside the point -- you're
already planning to run whatever code the DSO provides with your current
security credentials.  (You even already run DSO-specified code as soon
as you call dlopen().)

As for accidental corruption, you can at least protect your Lisp_Objects
by controlling how you copy data into and out of them.  (Of course, a
wild pointer can corrupt absolutely anything, but you're not very likely
to be in an undesirable "Emacs appears functional but is confused" state.)


This product is sold by volume, not by mass.  If it appears too dense or
too sparse, it is because mass-energy conversion has occurred during

reply via email to

[Prev in Thread] Current Thread [Next in Thread]